Whilst dealing with the daily deluge of malicious files, it is nice for those of us working in SophosLabs to occasionally come across something amusing which can make us smile.
Sometimes even insults can be amusing (even complimentary), as we have previously noted.
Messages to Sophos (sorry, Sofos) within malicious code could be regarded as confirmation that the defences we are putting up are aggravating the criminals.
Earlier this week, a new message appeared in one of the active exploit kits:
This translates to:
Dear Sofos, what do you need from me? I do not understand. Please f*** off! ThankYou!
The exploit kit in question has been active for several months now, and Sophos products block it as Mal/ExpJS-AL.
As usual, compromised websites are responsible for driving traffic to the sites hosting the exploit kit. So even the most careful browsing could still expose you to such threats.
See here for an excellent video describing exactly how drive by downloads work.